Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Dynamics 365 Community / Blogs / Streamlining Operations with D365FO and Power P... / Field Level Security in D36...

Field Level Security in D365F&O-without code Level changes

mallesh varma Profile Picture mallesh varma 185
Security Role: Security roles are created to include every level of security needed for a person in a certain organizational function to carry out all of their regular responsibilities and operations. With Dynamics 365 Finance and Operations, 137 standard security roles are included.
Duty: Duties are a group of security privileges that typically correspond to a single step or segment of a business process. The list of responsibilities includes things like "Maintain customer data,", "Generate financial reports." The most typical technique to provide or revoke access to particular sections of a business process is to add or remove obligations.
Privileges: The lowest level of the Dynamics 365 Finance and Operations security paradigm is a security privilege. The Create, Read, Update, and Delete (CRUD) level rights are included in the security privilege and can be toggled to satisfy extremely specific security requirements.
Requirement: Let's say my client needed view access to a few fields on the customer form. Since we can't do this with security roles, we'll need to make modifications at the table level. I looked for blogs that covered this topic, but the majority were written at the code level. I'll use the functional present to explain.

Currently, those who have Maintain access to the Customer form can edit the Sales district field. I ought to have grayed out that field by increasing security.
Step-1:Go to the "All Customers" form and select "Options" page Options -> Security diagnostics,

Note the Privileges that are connected to this form for "all customers".

When you right-click on the sales district, the form name and control name will appear. Make a note of those details. You can also click on the form name to see more information.
Navigate: System administration > Security >Security configuration

Under the privileges filter, select the with specific "customer maintain records" and click on the tables. If there isn't a table, we should add through the add references as described above, then click on the add references to add the sales district field as noted before.


Here, filter the specific fields "SalesDistrictID" and choose the properties as stated; I've chosen view access only, not edit access, for the sales district.
Click on OK.

The affected modifications are linked to the above security roles; select all and press "publish all"
Note: If you don't want to change the default roles, I advise duplicating the privileges and making changes at the table level, as this won't change the security roles that are already in place.
Result:

The sales district field was grayed out and locked down, making changes impossible.
Users that have access to all customers and the appropriate security responsibilities that have been assigned to them will see this update.
Similar to the above procedure, we can use it to lock down more fields without requiring code level changes.
-Mallesh Varma
​​​​​​​

Comments